• 0 Posts
  • 9 Comments
Joined 1 year ago
cake
Cake day: October 1st, 2023

help-circle
  • With the price of ssds what they are now for a small 100gb why bother with the additional setup and potentially failure points.

    I’ve run esxi through network and even that wasn’t fun with longish boot times. I certainly wouldn’t like to run proxmox that way. These days there’s really no reason not to have “some” fast direct storage in each server even if it’s just used mainly as cache.

    What you’re looking for is possible but to me the saving of $20 ish per machine just isn’t worth introducing more headaches.


  • Some more details may help here.

    What printer is it and what’s it reaching out for?

    As said, setting up static ip and removing the gateway will usually be enough. Vlans are the better option but steeper learning. I’d be interested to find out what it’s doing though. Knowing what you’re working with may help others advise you more specifically.

    If it’s checking to find time or for updates then it’s probably harmless. Do you need internet to enable any features like remote send or monitoring and the like?


  • Depends on the error as to how it will affect you.

    The 2 most serious ones I’ve seen are:

    Self test error or communication error

    Both will cause long post times. Once up and running if you don’t use Ilo you won’t see any difference.

    There’s a less serious nand issue that won’t slow down post. All of Ilo will function pretty much but you lose intelligent provisioning functions and some other small things. You get a warning in Ilo. This can sometimes be fixed with Ilo update and nand reset but doesn’t usually work.

    From my personal point of view, ilo is one of the big reasons to use these servers. If you don’t need / use out of band management then there’s likely better options. I would avoid any with Ilo issues.

    With that said, if you get a good deal on a server then the system boards are becoming more common in a lot of cases so swapping that out might not be problem.


  • Surely you should have the answers before exposing sensitive devices to the outside world?

    Not trying to be mean but if you don’t understand what’s happening and why then how can you guard against it?

    Everybody gets probed, that is normal. Make it difficult by taking basic precautions and they will move on to easier targets. There’s so many people that don’t do anything and leave themselves wide open. This is what they’re looking for in most cases. Exceptions do include people you might have upset and specifically want access to yours.

    Do some homework, secure / segregate your stuff and move on :)


  • There’s a reason stripe is a payment processor and your company is using it.

    Regulations and costs alone make it difficult for companies, never mind individuals. Getting approval for things. Having protections, gaining trusts etc etc. the list is endless. It’s not something that an individual should ever be considering. Stripes fees aren’t too bad and they do the heavy lifting. You would spend way more thinking about setting up yourself and researching. The time cost involved. It’s just not worth it for anybody but the biggest players.



  • Jellyfin is a media player. It’s built in security is more than enough for most. A lot use it for access to their own personal collections. You’re using it for your own use, you’re not distributing so doubtful anybody would care. There’s no way to know what’s there so not worth anybody’s time. Now if you were selling logins to that server and advertising the content then things would be different in the same way that if you seed pirated content they will care more than if you just leech it. For all they know you could have your personal home videos behind it or legitimate backups of physical disks you own. Hide it behind a subdomain and random path then unless somebody is looking for it they won’t stumble on it in the first place. This should be enough really. Jellyfin is designed to keep your content secure. The only way somebody official would come knocking is if they suspect there’s something to hide. Unless you tell people they have no reason to suspect. They have much bigger fish to fry.

    I don’t think you have anything to worry about but you can ofc secure things further if you want to jump through a few mostly unrequired hoops.

    That’s just my personal opinion. If you don’t feel safe exposing it then you shouldn’t and should setup a vpn or similar and hide it all behind that. My jellyfin has been exposed for years. Just me and my family using it. I’ve never had anybody try to access it. Nothing exciting behind it other than family videos but nobody knows that.



  • I’d personally recommend using caddy and proxying as that will automatically get let’s encrypt certificates. I’m not sure if it works on .local addresses though. It’s possibly worth grabbing a cheap domain to do it, moving it to cloudflare and then using the caddy cloudflare dns Addon to get the certificates. Then you could have external access also down the line. If you want to keep the .local domain You may have to manually add the self-signed certificate to trusted stores. This isn’t always possible so you might be SOL if you’re wanting to keep the local domain.